package com.gomoney.auth.controller;

import com.gomoney.auth.service.SysUserService;
import com.gomoney.oauth2.common.entity.sys.SysUser;
import com.gomoney.oauth2.common.util.PageUtils;
import com.gomoney.oauth2.common.util.R;
import org.apache.commons.lang3.ArrayUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.*;

import java.sql.Timestamp;
import java.util.Date;
import java.util.Map;

@RestController
@RequestMapping("/sys/user")
public class SysUserController extends AbstractController {

    @Autowired
    private SysUserService userService;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @GetMapping("/list")
    @PreAuthorize("hasAuthority('sys:user:list')")
    public R list(@RequestParam Map<String, Object> params) {
        PageUtils pages = userService.list(params);
        return R.ok().put("page", pages);
    }

    @GetMapping("/lists")
    public R lists(@RequestParam Map<String, Object> params) {
        PageUtils pages = userService.list(params);
        return R.ok().put("page", pages);
    }

    @PostMapping("/password")
    public R changePwd(@RequestBody Map<String, Object> params) {
        SysUser user = getUser();
        boolean flag = passwordEncoder.matches(params.get("password").toString(), user.getUserPass());
        if (!flag) {
            return R.error("原密码不正确");
        }
        SysUser sysUser = userService.findSysUserById(user.getUserId());
        sysUser.setUserPass(passwordEncoder.encode(sysUser.getUserPass()));
        userService.updatePassword(sysUser);
        return R.ok();
    }


    @GetMapping("/sysUser")
    public R sysUser() {
        SysUser user = getUser();
        return R.ok().put("user", user);
    }

    @PostMapping("/info")
    @PreAuthorize("hasAuthority('sys:user:info')")
    public R info(@RequestParam Map<String, Object> params) {
        SysUser user = userService.findSysUserById(params.get("id").toString());
        return R.ok().put("user", user);
    }

    @GetMapping("/self")
    public R self() {
        SysUser user = userService.findSysUserById(getUser().getUserId());
        return R.ok().put("user", user);
    }

    @PostMapping("/save")
    @PreAuthorize("hasAuthority('sys:user:save')")
    public R save(@RequestBody SysUser user) {
        user.setOptrdate(new Timestamp(new Date().getTime()));
        user.setUserPass(passwordEncoder.encode(user.getUserPass()));
        userService.saveSysUser(user);
        return R.ok();
    }

    @PostMapping("/update")
    @PreAuthorize("hasAuthority('sys:user:update')")
    public R update(@RequestBody SysUser user) {
        user.setUserPass(passwordEncoder.encode(user.getUserPass()));
        userService.updateSysUser(user);
        return R.ok();
    }

    @PostMapping("/checkname")
    public R checkName(@RequestBody Map<String, Object> params) {
        SysUser user = userService.findSysUserByName(params.get("name").toString());
        return R.ok().put("emp", user);
    }

    @PostMapping("/delete")
    @PreAuthorize("hasAuthority('sys:user:delete')")
    public R delete(@RequestBody String[] userIds) {
        if (ArrayUtils.contains(userIds, "06afa981-46e9-11e9-b7af-3c2c30a6698a")) {
            return R.error("系统管理员不能删除");
        }
        if (ArrayUtils.contains(userIds, getUser().getUserId())) {
            return R.error("当前用户不能删除");
        }
        userService.delSysUser(userIds);
        return R.ok();
    }
}
